CVE-2020-8553: ingress-nginx auth-type basic annotation vulnerability #126818
Closed
Labels: area/security, committee/security-response, kind/bug, lifecycle/frozen, official-cve-feed, triage/accepted
A security issue was discovered in ingress-nginx versions older than v0.28.0. The issue is of medium severity, and upgrading is encouraged to fix the vulnerability.
Am I vulnerable?
The vulnerability exists only if the annotation nginx.ingress.kubernetes.io/auth-type: basic is used.
How do I upgrade?
Follow installation instructions here
Vulnerability Details
A vulnerability has been discovered where a malicious user could create a new Ingress definition resulting in the replacement of the password file. The vulnerability requires that the victim namespace and/or secret use a hyphen in the name.
This scenario requires privileges in the cluster to create and read ingresses and also create secrets.
This issue is filed as CVE-2020-8553.
/close
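The advisory above only says that the password file can be replaced when a namespace or secret name contains a hyphen. The following Go program, added here as an illustration and not code from the ingress-nginx project or this issue, shows the class of bug that statement implies: if the file name is built as `namespace-name.passwd`, the hyphen is ambiguous, so `{team-a, site}` and `{team, a-site}` map to the same file and the second writer clobbers the first. The `naivePasswdPath` scheme is an assumed reconstruction of the collision, `safePasswdPath` is an assumed hardening (hashing the pair joined with a character that cannot appear in a Kubernetes name), not the upstream fix, and the sample Ingress keys are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// objectKey identifies an Ingress (or its Secret) by namespace and name.
type objectKey struct {
	Namespace string
	Name      string
}

// naivePasswdPath joins namespace and name with a hyphen. Because "-" is legal
// inside both a namespace and a name, the mapping is not injective:
// {"team-a","site"} and {"team","a-site"} both become team-a-site.passwd, so a
// user who can create an Ingress in the second namespace overwrites the first
// namespace's password file. Assumed reconstruction of the collision class the
// advisory describes, not ingress-nginx's actual code.
func naivePasswdPath(dir string, k objectKey) string {
	return fmt.Sprintf("%s/%s-%s.passwd", dir, k.Namespace, k.Name)
}

// safePasswdPath derives the file name from a SHA-256 of the pair joined with
// "/", a character that cannot occur in a Kubernetes namespace or name, so the
// pre-image is unambiguous and distinct keys never share a file. Assumed
// hardening for illustration, not the upstream fix.
func safePasswdPath(dir string, k objectKey) string {
	sum := sha256.Sum256([]byte(k.Namespace + "/" + k.Name))
	return fmt.Sprintf("%s/%s.passwd", dir, hex.EncodeToString(sum[:]))
}

// findCollisions groups keys by the path a given scheme assigns them and
// returns only the groups holding more than one key, i.e. the pairs an
// attacker could exploit under that scheme. Useful as an audit over the
// Ingresses in a cluster that carry auth-type basic.
func findCollisions(dir string, pathFn func(string, objectKey) string, keys []objectKey) map[string][]objectKey {
	byPath := make(map[string][]objectKey)
	for _, k := range keys {
		p := pathFn(dir, k)
		byPath[p] = append(byPath[p], k)
	}
	for p, ks := range byPath {
		if len(ks) < 2 {
			delete(byPath, p)
		}
	}
	return byPath
}

func main() {
	// Constructed sample: three Ingresses using auth-type basic in one cluster.
	keys := []objectKey{
		{"team-a", "site"},  // victim: namespace contains a hyphen
		{"team", "a-site"},  // attacker-controlled namespace and Ingress name
		{"payments", "api"}, // unrelated, no collision
	}
	fmt.Println("naive scheme collisions:", findCollisions("/etc/auth", naivePasswdPath, keys))
	fmt.Println("safe scheme collisions: ", findCollisions("/etc/auth", safePasswdPath, keys))
}
```

The audit only needs the (namespace, name) pairs of Ingresses that set the annotation; the attacker additionally needs create rights on Ingresses and Secrets in their own namespace, as the advisory notes, so the realistic fix is still the upgrade, with the collision check serving to find which victims were exposed before it.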